prosody
44a78985471f

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

12912:44a78985471f

mod_saslauth: Support for SASL handlers forcing a specific resource The token layer supports tokens that are tied to a given resource.
author Matthew Wild <mwild1@gmail.com>
date Wed, 01 Mar 2023 12:56:08 +0000
parents 12911:ab1164eda011
children 12913:012fa81d1f5d
files plugins/mod_saslauth.lua
diffstat 1 files changed, 4 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_saslauth.lua	Wed Mar 01 12:55:00 2023 +0000
+++ b/plugins/mod_saslauth.lua	Wed Mar 01 12:56:08 2023 +0000
@@ -54,6 +54,7 @@
 	elseif status == "success" then
 		local ok, err = sm_make_authenticated(session, session.sasl_handler.username, session.sasl_handler.role);
 		if ok then
+			session.sasl_resource = session.sasl_handler.resource;
 			module:fire_event("authentication-success", { session = session });
 			session.sasl_handler = nil;
 			session:reset_stream();
@@ -374,14 +375,15 @@
 
 module:hook("stanza/iq/urn:ietf:params:xml:ns:xmpp-bind:bind", function(event)
 	local origin, stanza = event.origin, event.stanza;
-	local resource;
-	if stanza.attr.type == "set" then
+	local resource = origin.sasl_resource;
+	if stanza.attr.type == "set" and not resource then
 		local bind = stanza.tags[1];
 		resource = bind:get_child("resource");
 		resource = resource and #resource.tags == 0 and resource[1] or nil;
 	end
 	local success, err_type, err, err_msg = sm_bind_resource(origin, resource);
 	if success then
+		origin.sasl_resource = nil;
 		origin.send(st.reply(stanza)
 			:tag("bind", { xmlns = xmlns_bind })
 			:tag("jid"):text(origin.full_jid));